Data Breach & Incident Response Policy — Servora Enterprise Limited™

Effective date: [Effective date]

At ServoraPrise Ecosystem, we take security seriously and maintain structured incident detection, response, and recovery procedures. This page explains how we identify, contain, and communicate data breaches to protect our users and comply with applicable laws.

1. Incident Detection & Containment

We use automated monitoring tools and security audits to detect unusual activity. When a potential incident is identified, our response team takes immediate steps to:

• Isolate affected systems to prevent further exposure.
• Preserve forensic evidence for investigation.
• Apply containment measures such as access revocation or service suspension.

2. Notification to Users

If a breach affecting personal data occurs, we will notify affected users without undue delay. Notifications will be sent via email and, where necessary, published on our website. The notice will include:

• The nature and scope of the breach.
• The types of personal data affected.
• Potential risks and likely consequences.
• Actions we are taking to mitigate the impact.
• Steps users can take to protect themselves.

Where feasible, notification will occur within 72 hours of becoming aware of the breach, in line with global data protection standards (e.g., GDPR, NDPR).

3. Regulatory Notification

We will notify relevant regulators or supervisory authorities as required by applicable laws (including the Nigerian Data Protection Regulation — NDPR, and other international standards if applicable). We will cooperate fully with investigations and provide all required documentation.

4. User Responsibilities & Recommended Actions

If you are notified of a potential data breach, we strongly recommend that you:

• Change your account password immediately and avoid reusing old passwords.
• Enable multi-factor authentication (MFA) where available.
• Monitor your account activity and financial statements for unusual transactions.
• Report any suspicious activity to us promptly.
• Contact support at support@servoraprise.com for guidance.

5. Continuous Improvement

After each incident, we conduct a post-incident review to improve our controls, update policies, and strengthen our cybersecurity framework to reduce the likelihood of recurrence.